package com.yh.controller;

import com.yh.controller.vo.UserVo;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;


/**
 * @Description: Description
 * @Author: 张颖辉(yh)
 * @CreateDate: 2018/5/4 14:26
 * @UpdateUser: 张颖辉(yh)
 * @UpdateDate: 2018/5/4 14:26
 * @UpdateRemark: The modified content
 * @Version: 1.0
 */
@Controller

public class ShiroDemoController {
    @RequestMapping(value = "/subLogin", method = RequestMethod.POST)
    @ResponseBody
    public String subLogin(UserVo userVo, HttpSession session) {
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(userVo.getUsername(), userVo.getPassword());
        try {
            subject.login(token);
        } catch (AuthenticationException e) {
            return e.getMessage();
        }
        session.setAttribute("currUser", userVo.getUsername());
        /*编程的方式检查权限 一般写在要执行的action中*/
//        String role = "user";
//        if (!subject.hasRole(role)) {
//            return "权限不足：需要【" + role + "】角色的权限";
//        }
//        String permission = "blogs:add";
//        if (!subject.isPermitted(permission)) {
//            return "权限不足：需要【" + permission + "】权限";
//        }
        return "登录成功";
    }

    /** 使用@注解的方式动作权限绑定  【推荐使用@RequiresPermissions注解】*/
    /**
     * @Description: 注解的方式绑定【角色】
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequiresRoles(value = {"admin", "user"}, logical = Logical.OR)
    @RequestMapping(value = "/testRole", method = RequestMethod.GET)
    @ResponseBody
    public String testRole() {
        return "您具有的admin or user角色权限";
    }

    /**
     * @Description: 注解的方式绑定【角色】
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequiresRoles(value = {"admin", "user"}, logical = Logical.AND)
    @RequestMapping(value = "/testRole1", method = RequestMethod.GET)
    @ResponseBody
    public String testRole1() {
        return "您具有的admin and user 角色权限";
    }

    /**
     * @Description: 注解的方式绑定【权限】
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequiresPermissions(value = {"blogs:add", "blogs:delete"}, logical = Logical.OR)//默认是 AND
    @RequestMapping(value = "/testPermissions", method = RequestMethod.GET)
    @ResponseBody
    public String testPermissions() {
        return "您具有的blogs:add  or  blogs:delete";
    }

    /**
     * @Description: 注解的方式绑定【权限】,具有区中一种权限就可以访问
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequiresPermissions(value = {"blogs:add", "blogs:delete"}, logical = Logical.AND)//默认是 AND
    @RequestMapping(value = "/testPermissions1", method = RequestMethod.GET)
    @ResponseBody
    public String testPermissions1() {
        return "您具有的blogs:add and blogs:delete权限";
    }

    /** 使用 XML 配置的方式动作权限绑定*/
    /**
     * @Description: xml配置的方式绑定
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequestMapping(value = "/testRoleByXml", method = RequestMethod.GET)
    @ResponseBody
    public String testRoleByXml() {
        return "SUCCESS";
    }

    /**
     * @Description: xml配置方式绑定 ， roles["user","admin"] 两种角色都要具备
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequestMapping(value = "/testRoleByXml1", method = RequestMethod.GET)
    @ResponseBody
    public String testRoleByXml1() {
        return "SUCCESS";
    }
    /**
     * @Description: xml配置方式绑定 ， roles["user","admin"] 两种角色都要具备
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequestMapping(value = "/testRoleByXml2", method = RequestMethod.GET)
    @ResponseBody
    public String testRoleByXml2() {
        return "SUCCESS";
    }
    /**
     * @Description: xml配置的方式绑定
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequestMapping(value = "/testPermissionsByXml", method = RequestMethod.GET)
    @ResponseBody
    public String testPermissionsByXml() {
        return "SUCCESS";
    }

    /**
     * @Description: xml配置方式绑定 ， roles["user","admin"] 两种角色都要具备
     * @Author: 张颖辉(yh)
     * @Date: 2018/5/9 22:33
     * @param: []
     * @return: java.lang.String
     * @Version: 1.0
     */
    @RequestMapping(value = "/testPermissionsByXml1", method = RequestMethod.GET)
    @ResponseBody
    public String testPermissionsByXml1() {
        return "SUCCESS";
    }
}

